Revision Date: | 2021-06-09 | Version: | 1 |
Title: | Security update for the Linux Kernel (Important) |
Description: |
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484). - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values. (bsc#1186111) - CVE-2020-26139: Fixed a denial-of-service when an Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. (bnc#1186062) - CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges. (bnc#1186060) - CVE-2021-3491: Fixed a potential heap overflow in mem_rw(). This vulnerability is related to the PROVIDE_BUFFERS operation, which allowed the MAX_RW_COUNT limit to be bypassed (bsc#1185642). - CVE-2021-32399: Fixed a race condition when removing the HCI controller (bnc#1184611). - CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances this can be abused to inject arbitrary network packets and/or exfiltrate user data (bnc#1185859). - CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed (bnc#1185859 bnc#1185862). - CVE-2020-26147: The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments, even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used (bnc#1185859). - CVE-2020-26145: An issue was discovered with Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration. (bnc#1185860) - CVE-2020-26141: An issue was discovered in the ALFA driver for AWUS036H, where the Message Integrity Check (authenticity) of fragmented TKIP frames was not verified. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol. (bnc#1185987) - CVE-2021-23133: Fixed a race condition in SCTP sockets, which could lead to privilege escalation from the context of a network service or an unprivileged process. (bnc#1184675)
The following non-security bugs were fixed:
- ACPI / hotplug / PCI: Fix reference count leak in enable_slot() (git-fixes). - ACPI: CPPC: Replace cppc_attr with kobj_attribute (git-fixes). - ACPI: GTDT: Do not corrupt interrupt mappings on watchdow probe failure (git-fixes). - ACPI: custom_method: fix a possible memory leak (git-fixes). - ACPI: custom_method: fix potential use-after-free issue (git-fixes). - ACPICA: Enable sleep button on ACPI legacy wake (bsc#1181383). - ALSA: aloop: Fix initialization of controls (git-fixes). - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (git-fixes). - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect (git-fixes). - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer (git-fixes). - ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries (git-fixes). - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices (git-fixes). - ALSA: hda/realtek: reset eapd coeff to default value for alc287 (git-fixes). - ALSA: hdsp: do not disable if not enabled (git-fixes). - ALSA: hdspm: do not disable if not enabled (git-fixes). - ALSA: line6: Fix racy initialization of LINE6 MIDI (git-fixes). - ALSA: rme9652: do not disable if not enabled (git-fixes). - ALSA: sb: Fix two use after free in snd_sb_qsound_build (git-fixes). - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (git-fixes). - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls (git-fixes). - ALSA: usb: midi: do not return -ENOMEM when usb_urb_ep_type_check fails (git-fixes). - ARM: footbridge: fix PCI interrupt mapping (git-fixes). - ASoC: cs35l33: fix an error code in probe() (git-fixes). - ASoC: cs42l42: Regmap must use_single_read/write (git-fixes). - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes). - ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes). - ASoC: rt286: Generalize support for ALC3263 codec (git-fixes). - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable (git-fixes). - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes). - Bluetooth: SMP: Fail if remote and local public keys are identical (git-fixes). - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default (git-fixes). - Bluetooth: initialize skb_queue_head at l2cap_chan_create() (git-fixes). - Drivers: hv: vmbus: Increase wait time for VMbus unload (bsc#1185724). - Drivers: hv: vmbus: Initialize unload_event statically (bsc#1185724). - Drivers: hv: vmbus: Use after free in __vmbus_open() (git-fixes). - EDAC/amd64: Gather hardware information early (bsc#1180552). - EDAC/amd64: Make struct amd64_family_type global (bsc#1180552). - EDAC/amd64: Save max number of controllers to family type (bsc#1180552). - HID: alps: fix error return code in alps_input_configured() (git-fixes). - HID: plantronics: Workaround for double volume key presses (git-fixes). - HID: wacom: Assign boolean values to a bool variable (git-fixes). - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices (git-fixes). - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices (git-fixes). - Input: i8042 - fix Pegatron C15B ID entry (git-fixes). - Input: nspire-keypad - enable interrupts only when opened (git-fixes). - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state (git-fixes). - KVM: s390: fix guarded storage control register handling (bsc#1133021). - NFC: fix possible resource leak (git-fixes). - NFC: fix resource leak when target index is invalid (git-fixes). - NFC: nci: fix memory leak in nci_allocate_device (git-fixes). - NFSv4: Replace closed stateids with the 'invalid special stateid' (bsc#1185481). - PCI: PM: Do not read power state in pci_enable_device_flags() (git-fixes). - PCI: Release OF node in pci_scan_device()'s error path (git-fixes). - RDMA/hns: Delete redundant condition judgment related to eq (bsc#1104427). - RDMA/srpt: Fix error return code in srpt_cm_req_recv() (bsc#1103992). - SUNRPC in case of backlog, hand free slots directly to waiting task (bsc#1185428). - SUNRPC: More fixes for backlog congestion (bsc#1185428). - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet (git-fixes). - USB: Add reset-resume quirk for WD19's Realtek Hub (git-fixes). - USB: serial: fix return value for unsupported ioctls (git-fixes). - USB: serial: usb_wwan: fix unprivileged TIOCCSERIAL (git-fixes). - USB: trancevibrator: fix control-request direction (git-fixes). - af_packet: fix the tx skb protocol in raw sockets with ETH_P_ALL (bsc#1176081). - ata: libahci_platform: fix IRQ check (git-fixes). - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices (git-fixes). - backlight: journada720: Fix Wmisleading-indentation warning (git-fixes). - batman-adv: Do not always reallocate the fragmentation skb head (git-fixes). - bluetooth: eliminate the potential race condition when removing the HCI controller (git-fixes). - bnxt_en: Fix PCI AER error recovery flow (git-fixes). - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() (bsc#1104745). - bpf: Fix masking negation logic upon negative dst register (git-fixes). - btrfs: fix race between transaction aborts and fsyncs leading to use-after-free (bsc#1186441). - btrfs: fix race when picking most recent mod log operation for an old root (bsc#1186439). - bus: qcom: Put child node before return (git-fixes). - cfg80211: remove WARN_ON() in cfg80211_sme_connect (git-fixes). - cfg80211: scan: drop entry from hidden_list on overflow (git-fixes). - clk: exynos7: Mark aclk_fsys1_200 as critical (git-fixes). - clk: fix invalid usage of list cursor in register (git-fixes). - clk: fix invalid usage of list cursor in unregister (git-fixes). - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz (git-fixes). - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 (git-fixes). - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock (git-fixes). - clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes). - clk: uniphier: Fix potential infinite loop (git-fixes). - cpufreq: Add NULL checks to show() and store() methods of cpufreq (bsc#1184040). - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown (bsc#1184040). - cpufreq: Kconfig: fix documentation links (git-fixes). - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (bsc#1185758). - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init (git-fixes). - crypto: qat - Fix a double free in adf_create_ring (git-fixes). - crypto: qat - do not release uninitialized resources (git-fixes). - crypto: qat - fix error path in adf_isr_resource_alloc() (git-fixes). - cxgb4: Fix unintentional sign extension issues (bsc#1064802 bsc#1066129). - dm: fix redundant IO accounting for bios that need splitting (bsc#1183738). - dmaengine: dw: Make it dependent to HAS_IOMEM (git-fixes). - docs: kernel-parameters: Add gpio_mockup_named_lines (git-fixes). - docs: kernel-parameters: Move gpio-mockup for alphabetic order (git-fixes). - drivers: net: fix memory leak in atusb_probe (git-fixes). - drivers: net: fix memory leak in peak_usb_create_dev (git-fixes). - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f (git-fixes). - drm/amdgpu: fix NULL pointer dereference (git-fixes). - drm/amdkfd: fix build error with AMD_IOMMU_V2=m (git-fixes). - drm/i915/gvt: Fix error code in intel_gvt_init_device() (git-fixes). - drm/imx: imx-ldb: fix out of bounds array access warning (git-fixes). - drm/meson: fix shutdown crash when component not probed (git-fixes). - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal (git-fixes). - drm/omap: fix misleading indentation in pixinc() (git-fixes). - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected (git-fixes). - drm/radeon: Fix off-by-one power_state index heap overwrite (git-fixes). - drm/radeon: fix copy of uninitialized variable back to userspace (git-fixes). - e1000e: Fix duplicate include guard (git-fixes). - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (git-fixes). - e1000e: add rtnl_lock() to e1000_reset_task (git-fixes). - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit (bsc#1113431). - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged (git-fixes). - fbdev: zero-fill colormap in fbcmap.c (git-fixes). - ftrace: Handle commands when closing set_ftrace_filter file (git-fixes). - genirq: Reduce irqdebug cacheline bouncing (bsc#1185703 ltc#192641). - gianfar: Handle error code at MAC address change (git-fixes). - gpio: xilinx: Correct kernel doc for xgpio_probe() (git-fixes). - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 (git-fixes). - i2c: cadence: add IRQ check (git-fixes). - i2c: emev2: add IRQ check (git-fixes). - i2c: i801: Do not generate an interrupt on bus reset (git-fixes). - i2c: i801: Do not generate an interrupt on bus reset (git-fixes). - i2c: jz4780: add IRQ check (git-fixes). - i2c: s3c2410: fix possible NULL pointer deref on read message after write (git-fixes). - i2c: sh7760: add IRQ check (git-fixes). - i2c: sh7760: fix IRQ error path (git-fixes). - i40e: Added Asym_Pause to supported link modes (git-fixes). - i40e: Fix PHY type identifiers for 2.5G and 5G adapters (jsc#SLE-4797). - i40e: Fix sparse errors in i40e_txrx.c (git-fixes). - i40e: Fix use-after-free in i40e_client_subtask() (bsc#1101816 ). - i40e: fix broken XDP support (git-fixes). - i40e: fix the panic when running bpf in xdpdrv mode (git-fixes). - i40e: fix the restart auto-negotiation after FEC modified (jsc#SLE-4797). - ibmvfc: Avoid move login if fast fail is enabled (bsc#1185938 ltc#192043). - ibmvfc: Handle move login failure (bsc#1185938 ltc#192043). - ibmvfc: Reinit target retries (bsc#1185938 ltc#192043). - ibmvnic: remove default label from to_string switch (bsc#1152457 ltc#174432 git-fixes). - igb: Fix duplicate include guard (git-fixes). - igb: check timestamp validity (git-fixes). - iio: adc: ad7793: Add missing error code in ad7793_setup() (git-fixes). - iio: gyro: mpu3050: Fix reported temperature value (git-fixes). - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error (git-fixes). - iio: tsl2583: Fix division by a zero lux_val (git-fixes). - intel_th: Consistency and off-by-one fix (git-fixes). - ipmi/watchdog: Stop watchdog timer when the current action is 'none' (bsc#1184855). - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() (git-fixes). - kABI: powerpc/64: add back start_tb and accum_tb to thread_struct. - kabi: preserve struct header_ops after bsc#1176081 fix (bsc#1176081). - leds: lp5523: check return value of lp5xx_read and jump to cleanup code (git-fixes). - liquidio: Fix unintented sign extension of a left shift of a u16 (git-fixes). - mac80211: bail out if cipher schemes are invalid (git-fixes). - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN (git-fixes). - mac80211: clear the beacon's CRC after channel switch (git-fixes). - macvlan: macvlan_count_rx() needs to be aware of preemption (git-fixes). - md-cluster: fix use-after-free issue when removing rdev (bsc#1184082). - md/raid1: properly indicate failure when ending a failed write request (bsc#1185680). - md: do not flush workqueue unconditionally in md_open (bsc#1184081). - md: factor out a mddev_find_locked helper from mddev_find (bsc#1184081). - md: md_open returns -EBUSY when entering racing area (bsc#1184081). - md: split mddev_find (bsc#1184081). - media: adv7604: fix possible use-after-free in adv76xx_remove() (git-fixes). - media: dvb-usb: fix memory leak in dvb_usb_adapter_init (git-fixes). - media: dvbdev: Fix memory leak in dvb_media_device_free() (git-fixes). - media: em28xx: fix memory leak (git-fixes). - media: gspca/sq905.c: fix uninitialized variable (git-fixes). - media: i2c: adv7842: fix possible use-after-free in adv7842_remove() (git-fixes). - media: ite-cir: check for receive overflow (git-fixes). - media: m88rs6000t: avoid potential out-of-bounds reads on arrays (git-fixes). - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs (git-fixes). - media: omap4iss: return error code when omap4iss_get() failed (git-fixes). - mfd: lpc_sch: Partially revert 'Add support for Intel Quark X1000' (git-fixes). - mfd: stm32-timers: Avoid clearing auto reload register (git-fixes). - misc/uss720: fix memory leak in uss720_probe (git-fixes). - misc: lis3lv02d: Fix false-positive WARN on various HP models (git-fixes). - misc: vmw_vmci: explicitly initialize vmci_datagram payload (git-fixes). - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct (git-fixes). - mlxsw: spectrum_mr: Update egress RIF list before route's action (bsc#1112374). - mm: mempolicy: fix potential pte_unmap_unlock pte error (bsc#1185906). - mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bsc#1185906). - mmc: block: Update ext_csd.cache_ctrl if it was written (git-fixes). - mmc: core: Correct descriptions in mmc_of_parse() (git-fixes). - mmc: core: Do a power cycle when the CMD11 fails (git-fixes). - mmc: core: Set read only for SD cards with permanent write protect bit (git-fixes). - mmc: mmc_spi: Drop unused NO_IRQ definition (git-fixes). - mt7601u: fix always true expression (git-fixes). - mtd: require write permissions for locking and badblock ioctls (git-fixes). - net, xdp: Update pkt_type if generic XDP changes unicast MAC (bsc#1109837). - net/ethernet: Add parse_protocol header_ops support (bsc#1176081). - net/mlx4_en: update moderation when config reset (git-fixes). - net/mlx5e: Fix error path for ethtool set-priv-flag (git-fixes). - net/mlx5e: Remove the wrong assumption about transport offset (bsc#1176081). - net/mlx5e: Trust kernel regarding transport offset (bsc#1176081). - net/packet: Ask driver for protocol if not provided by user (bsc#1176081). - net/packet: Remove redundant skb->protocol set (bsc#1176081). - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (git-fixes). - net: Do not set transport offset to invalid value (bsc#1176081). - net: Introduce parse_protocol header_ops callback (bsc#1176081). - net: enic: Cure the enic api locking trainwreck (git-fixes). - net: hns3: Fix for geneve tx checksum bug (bsc#1104353 ). - net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet() (bsc#1104353). - net: hns3: disable phy loopback setting in hclge_mac_start_phy (bsc#1104353). - net: hns3: fix for vxlan gpe tx checksum bug (bsc#1104353 ). - net: hns3: fix incorrect configuration for igu_egu_hw_err (bsc#1104353). - net: hns3: initialize the message content in hclge_get_link_mode() (bsc#1126390). - net: hns3: use netif_tx_disable to stop the transmit queue (bsc#1104353). - net: phy: intel-xway: enable integrated led functions (git-fixes). - net: qed: RDMA personality shouldn't fail VF load (git-fixes). - net: thunderx: Fix unintentional sign extension issue (git-fixes). - net: usb: fix memory leak in smsc75xx_bind (git-fixes). - netdevice: Add missing IFF_PHONY_HEADROOM self-definition (git-fixes). - netfilter: conntrack: add new sysctl to disable RST check (bsc#1183947 bsc#1185950). - netfilter: conntrack: avoid misleading 'invalid' in log message (bsc#1183947 bsc#1185950). - netfilter: conntrack: improve RST handling when tuple is re-used (bsc#1183947 bsc#1185950). - netfilter: conntrack: tcp: only close if RST matches exact sequence (bsc#1183947 bsc#1185950). - nfc: pn533: prevent potential memory corruption (git-fixes). - nvme-fc: clear q_live at beginning of association teardown (git-fixes). - nvme-loop: Introduce no merge flag for biovec (bsc#1174682). - pata_arasan_cf: fix IRQ check (git-fixes). - pata_ipx4xx_cf: fix IRQ check (git-fixes). - pcnet32: Use pci_resource_len to validate PCI resource (git-fixes). - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally (git-fixes). - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() (git-fixes). - pinctrl: core: Fix kernel doc string for pin_get_name() (git-fixes). - pinctrl: lewisburg: Update number of pins in community (git-fixes). - pinctrl: samsung: use 'int' for register masks in Exynos (git-fixes). - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (git-fixes). - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table (git-fixes). - platform/x86: thinkpad_acpi: Correct thermal sensor allocation (git-fixes). - power: supply: Use IRQF_ONESHOT (git-fixes). - power: supply: generic-adc-battery: fix possible use-after-free in gab_remove() (git-fixes). - power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove() (git-fixes). - powerpc/64: remove start_tb and accum_tb from thread_struct (bsc#1186487 ltc#177613). - powerpc/64s: Fix crashes when toggling entry flush barrier (bsc#1177666 git-fixes). - powerpc/64s: Fix crashes when toggling stf barrier (bsc#1087082 git-fixes). - powerpc/pseries: lparcfg calculate PURR on demand (bsc#1186487 ltc#177613). - regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes). - rsxx: remove extraneous 'const' qualifier (git-fixes). - rtc: ds1307: Fix wday settings for rx8130 (git-fixes). - rtlwifi: 8821ae: upgrade PHY and RF parameters (git-fixes). - s390/dasd: fix hanging DASD driver unbind (bsc#1183754 LTC#192081). - s390/dasd: fix hanging IO request during DASD driver unbind (bsc#1183754 LTC#192081). - s390/entry: save the caller of psw_idle (bsc#1185677). - s390/kdump: fix out-of-memory with PCI (bsc#1182256 LTC#191375). - sata_mv: add IRQ checks (git-fixes). - scsi: core: Run queue in case of I/O resource contention failure (bsc#1186416). - scsi: libfc: Avoid invoking response handler twice if ep is already completed (bsc#1186573). - scsi: lpfc: Add a option to enable interlocked ABTS before job completion (bsc#1186452). - scsi: lpfc: Add ndlp kref accounting for resume RPI path (bsc#1186452). - scsi: lpfc: Fix 'Unexpected timeout' error in direct attach topology (bsc#1186452). - scsi: lpfc: Fix Node recovery when driver is handling simultaneous PLOGIs (bsc#1186452). - scsi: lpfc: Fix bad memory access during VPD DUMP mailbox command (bsc#1186452). - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (bsc#1186452). - scsi: lpfc: Fix node handling for Fabric Controller and Domain Controller (bsc#1186452). - scsi: lpfc: Fix non-optimized ERSP handling (bsc#1186452). - scsi: lpfc: Fix unreleased RPIs when NPIV ports are created (bsc#1186452). - scsi: lpfc: Ignore GID-FT response that may be received after a link flip (bsc#1186452). - scsi: lpfc: Reregister FPIN types if ELS_RDF is received from fabric controller (bsc#1186452). - scsi: lpfc: Update lpfc version to 12.8.0.10 (bsc#1186452). - scsi: qla2xxx: Prevent PRLI in target mode (git-fixes). - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (git-fixes). - serial: stm32: fix incorrect characters on console (git-fixes). - smc: disallow TCP_ULP in smc_setsockopt() (bsc#1109837). - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (git-fixes). - spi: dln2: Fix reference leak to master (git-fixes). - spi: omap-100k: Fix reference leak to master (git-fixes). - spi: spi-ti-qspi: Free DMA resources (git-fixes). - staging: emxx_udc: fix loop in _nbu2ss_nuke() (git-fixes). - staging: iio: cdc: ad7746: avoid overwrite of num_channels (git-fixes). - staging: rtl8192u: Fix potential infinite loop (git-fixes). - tcp: fix to update snd_wl1 in bulk receiver fast path (bsc#1185827). - thermal/drivers/ti-soc-thermal/bandgap Remove unused variable 'val' (git-fixes). - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (git-fixes). - tpm: fix error return code in tpm2_get_cc_attrs_tbl() (git-fixes). - tracing: Map all PIDs to command lines (git-fixes). - uio: uio_hv_generic: use devm_kzalloc() for private data alloc (git-fixes). - uio_hv_generic: Fix a memory leak in error handling paths (git-fixes). - uio_hv_generic: Fix another memory leak in error handling paths (git-fixes). - uio_hv_generic: add missed sysfs_remove_bin_file (git-fixes). - usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes). - usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes). - usb: dwc3: gadget: Fix START_TRANSFER link state check (git-fixes). - usb: dwc3: omap: improve extcon initialization (git-fixes). - usb: fotg210-hcd: Fix an error message (git-fixes). - usb: sl811-hcd: improve misleading indentation (git-fixes). - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS (git-fixes). - usb: xhci: Fix port minor revision (git-fixes). - usb: xhci: Increase timeout for HC halt (git-fixes). - usb: xhci: Increase timeout for HC halt (git-fixes). - vgacon: Record video mode changes with VT_RESIZEX (git-fixes). - video: hyperv_fb: Add ratelimit on error message (bsc#1185724). - vsock/vmci: log once the failed queue pair allocation (git-fixes). - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join (git-fixes). - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt (git-fixes). - xhci: Do not use GFP_KERNEL in (potentially) atomic context (git-fixes). - xsk: Respect device's headroom and tailroom on generic xmit path (bsc#1109837).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1058115 1064802 1065729 1066129 1071995 1082318 1085030 1087082 1101816 1103992 1104353 1104427 1104745 1109837 1112374 1113431 1114828 1116600 1126390 1133021 1148868 1152457 1152472 1152489 1153274 1154353 1154492 1154980 1155518 1155798 1156395 1157169 1157712 1157714 1158050 1158242 1158265 1158748 1158765 1158983 1159548 1159781 1159867 1160947 1161495 1162002 1162063 1162400 1162702 1164648 1164777 1164780 1165211 1165933 1165975 1166751 1166985 1167104 1167651 1167773 1168230 1168779 1168838 1168959 1169021 1169094 1169194 1169514 1169681 1169771 1170011 1170284 1170442 1170617 1170774 1170879 1170891 1170895 1171150 1171189 1171191 1171219 1171220 1171246 1171417 1171513 1171529 1171530 1171662 1171688 1171699 1171732 1171739 1171743 1171759 1171828 1171857 1171868 1171904 1171915 1171982 1171983 1171988 1172017 1172046 1172061 1172062 1172063 1172064 1172065 1172066 1172067 1172068 1172069 1172073 1172086 1172095 1172169 1172170 1172201 1172208 1172223 1172342 1172343 1172344 1172365 1172366 1172374 1172391 1172393 1172394 1172453 1172458 1172467 1172484 1172537 1172543 1172687 1172719 1172739 1172751 1172759 1172775 1172781 1172782 1172783 1172814 1172823 1172841 1172871 1172938 1172939 1172940 1172956 1172983 1172984 1172985 1172986 1172987 1172988 1172989 1172990 1172999 1173060 1173068 1173074 1173085 1173139 1173206 1173271 1173280 1173284 1173428 1173438 1173461 1173514 1173552 1173573 1173625 1173746 1173776 1173817 1173818 1173820 1173822 1173823 1173824 1173825 1173826 1173827 1173828 1173830 1173831 1173832 1173833 1173834 1173836 1173837 1173838 1173839 1173841 1173843 1173844 1173845 1173847 1173849 1173860 1173894 1173941 1174018 1174072 1174116 1174126 1174127 1174128 1174129 1174185 1174244 1174263 1174264 1174331 1174332 1174333 1174345 1174356 1174396 1174398 1174407 1174409 1174411 1174438 1174462 1174513 1174527 1174543 1174627 1174682 1176081 1177666 1177895 1180552 1181383 1182256 1183738 1183754 1183947 1184040 1184081 1184082 1184611 1184675 1184855 1185428 1185481 1185642 1185677 1185680 1185703 1185724 1185758 1185827 1185859 1185860 1185862 1185863 1185898 1185899 1185901 1185906 1185938 1185950 1185987 1186060 1186061 1186062 1186111 1186285 1186390 1186416 1186439 1186441 1186452 1186460 1186484 1186487 1186498 1186573 962849 995932 996032 99606 996648 CVE-2008-4989 CVE-2009-0799 CVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182 CVE-2009-1183 CVE-2009-1187 CVE-2009-1188 CVE-2009-2285 CVE-2009-2347 CVE-2009-3607 CVE-2009-3608 CVE-2010-2065 CVE-2010-2067 CVE-2010-2233 CVE-2010-4352 CVE-2010-4665 CVE-2011-0192 CVE-2011-0904 CVE-2011-0905 CVE-2011-1164 CVE-2011-1167 CVE-2011-1831 CVE-2011-1832 CVE-2011-1833 CVE-2011-1834 CVE-2011-1835 CVE-2011-1836 CVE-2011-1837 CVE-2011-2485 CVE-2011-4128 CVE-2012-0390 CVE-2012-1173 CVE-2012-1569 CVE-2012-1573 CVE-2012-2113 CVE-2012-3401 CVE-2012-3524 CVE-2012-4564 CVE-2013-1788 CVE-2013-1789 CVE-2013-1790 CVE-2013-1960 CVE-2013-1961 CVE-2013-2132 CVE-2013-2168 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2013-4473 CVE-2013-4474 CVE-2014-0092 CVE-2014-0467 CVE-2014-1959 CVE-2014-3466 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-7300 CVE-2014-7824 CVE-2014-8148 CVE-2015-0245 CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150 CVE-2016-5151 CVE-2016-5152 CVE-2016-5153 CVE-2016-5154 CVE-2016-5155 CVE-2016-5156 CVE-2016-5157 CVE-2016-5158 CVE-2016-5159 CVE-2016-5160 CVE-2016-5161 CVE-2016-5162 CVE-2016-5163 CVE-2016-5164 CVE-2016-5165 CVE-2016-5166 CVE-2018-16471 CVE-2019-16782 CVE-2019-18277 CVE-2019-19462 CVE-2019-20810 CVE-2019-20812 CVE-2020-0305 CVE-2020-0556 CVE-2020-10135 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-10781 CVE-2020-12656 CVE-2020-12769 CVE-2020-12771 CVE-2020-12888 CVE-2020-13143 CVE-2020-13974 CVE-2020-14416 CVE-2020-15393 CVE-2020-15780 CVE-2020-24586 CVE-2020-24587 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2020-27153 CVE-2021-23133 CVE-2021-23134 CVE-2021-32399 CVE-2021-33034 CVE-2021-33200 CVE-2021-3491 SUSE-SU-2016:2250-1 SUSE-SU-2019:3125-1 SUSE-SU-2020:0359-1 SUSE-SU-2020:2105-1 SUSE-SU-2020:3034-1 SUSE-SU-2021:1913-1
|
Platform(s): | SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Availability 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 12 SP5 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 5 SUSE Package Hub for SUSE Linux Enterprise 12
| Product(s): | |
Definition Synopsis |
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-pymongo-2.6.3-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP2 is installed
AND Package Information
libwebkit-1_0-2-1.2.7-0.15.2 is installed
OR libwebkit-lang-1.2.7-0.15.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
libvirt-1.0.5.9-0.9.1 is installed
OR libvirt-client-1.0.5.9-0.9.1 is installed
OR libvirt-client-32bit-1.0.5.9-0.9.1 is installed
OR libvirt-doc-1.0.5.9-0.9.1 is installed
OR libvirt-python-1.0.5.9-0.9.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
ecryptfs-utils-103-5 is installed
OR ecryptfs-utils-32bit-103-5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
dbus-1-1.8.16-14 is installed
OR dbus-1-x11-1.8.16-14 is installed
OR libdbus-1-3-1.8.16-14 is installed
OR libdbus-1-3-32bit-1.8.16-14 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND argyllcms-1.6.3-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
bind-libs-9.9.9P1-62 is installed
OR bind-libs-32bit-9.9.9P1-62 is installed
OR bind-utils-9.9.9P1-62 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.181-43.15 is installed
OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 is installed
AND python-PyYAML-3.10-15.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP1 is installed
AND Package Information
ctdb-4.2.4-26.2 is installed
OR samba-4.2.4-26.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP2 is installed
AND lighttpd-1.4.35-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP3 is installed
AND lighttpd-1.4.35-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP4 is installed
AND Package Information
corosync-2.3.6-9.13 is installed
OR libcorosync4-2.3.6-9.13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 12 SP5 is installed
AND fence-agents-4.4.0+git.1558595666.5f79f9e9-3.8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Availability 15 is installed
AND haproxy-2.0.10+git0.ac198b92-3.15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
AND apache2-mod_jk-1.2.40-7.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Live Patching 12 is installed
AND Package Information
kgraft-patch-3_12_32-33-default-3-2.1 is installed
OR kgraft-patch-3_12_32-33-xen-3-2.1 is installed
OR kgraft-patch-SLE12_Update_1-3-2.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Live Patching 12 SP3 is installed
AND Package Information
kgraft-patch-4_4_82-6_3-default-1-2.1 is installed
OR kgraft-patch-SLE12-SP3_Update_1-1-2.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
AND python-pycrypto-2.6.1-10.3.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Containers 12 is installed
AND sles12sp1-docker-image-1.0.4-20160308170633 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Legacy Software 12 is installed
AND Package Information
java-1_6_0-ibm-1.6.0_sr16.1-5 is installed
OR java-1_6_0-ibm-fonts-1.6.0_sr16.1-5 is installed
OR java-1_6_0-ibm-jdbc-1.6.0_sr16.1-5 is installed
OR java-1_6_0-ibm-plugin-1.6.0_sr16.1-5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Public Cloud 12 is installed
AND Package Information
kernel-ec2-3.12.36-38.1 is installed
OR kernel-ec2-devel-3.12.36-38.1 is installed
OR kernel-ec2-extra-3.12.36-38.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Web Scripting 12 is installed
AND python-pycrypto-2.6.1-10.3.1 is installed
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Server 11 SP3 is installed
AND
xorg-x11-libXrender-7.4-1.16.2 is installed
OR xorg-x11-libXrender-32bit-7.4-1.16.2 is installed
OR xorg-x11-libXrender-x86-7.4-1.16.2 is installed
OR Package Information
SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
AND
xorg-x11-libXrender-7.4-1.16.2 is installed
OR xorg-x11-libXrender-32bit-7.4-1.16.2 is installed
OR xorg-x11-libXrender-x86-7.4-1.16.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 11 SP3 is installed
AND libmusicbrainz4-2.1.5-5.18 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 11 SP4 is installed
AND Package Information
Mesa-9.0.3-0.28.29.2 is installed
OR Mesa-32bit-9.0.3-0.28.29.2 is installed
OR Mesa-x86-9.0.3-0.28.29.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 is installed
AND apache-commons-httpclient-3.1-4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
libopenssl1_0_0-1.0.1i-36.1 is installed
OR libopenssl1_0_0-32bit-1.0.1i-36.1 is installed
OR libopenssl1_0_0-hmac-1.0.1i-36.1 is installed
OR libopenssl1_0_0-hmac-32bit-1.0.1i-36.1 is installed
OR openssl-1.0.1i-36.1 is installed
OR openssl-doc-1.0.1i-36.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
libgcrypt20-1.6.1-16.33 is installed
OR libgcrypt20-32bit-1.6.1-16.33 is installed
OR libgcrypt20-hmac-1.6.1-16.33 is installed
OR libgcrypt20-hmac-32bit-1.6.1-16.33 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
apache-commons-beanutils-1.9.2-1 is installed
OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
gdk-pixbuf-loader-rsvg-2.40.20-5.6 is installed
OR librsvg-2-2-2.40.20-5.6 is installed
OR librsvg-2-2-32bit-2.40.20-5.6 is installed
OR rsvg-view-2.40.20-5.6 is installed
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Server 12 SP5 is installed
OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed
AND Package Information
kernel-docs-4.12.14-122.74.2 is installed
OR kernel-obs-build-4.12.14-122.74.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12-LTSS is installed
AND Package Information
kgraft-patch-3_12_60-52_54-default-2-2.2 is installed
OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed
OR kgraft-patch-SLE12_Update_15-2-2.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
AND Package Information
kernel-default-4.4.90-92.45 is installed
OR kernel-default-base-4.4.90-92.45 is installed
OR kernel-default-devel-4.4.90-92.45 is installed
OR kernel-devel-4.4.90-92.45 is installed
OR kernel-macros-4.4.90-92.45 is installed
OR kernel-source-4.4.90-92.45 is installed
OR kernel-syms-4.4.90-92.45 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
AND Package Information
openldap2-2.4.26-0.62.2 is installed
OR openldap2-back-perl-2.4.26-0.62.2 is installed
OR openldap2-client-2.4.26-0.62.2 is installed
OR openldap2-devel-2.4.26-0.62.2 is installed
OR openldap2-devel-32bit-2.4.26-0.62.2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
AND Package Information
libxcb-composite0-1.10-1 is installed
OR libxcb-damage0-1.10-1 is installed
OR libxcb-devel-1.10-1 is installed
OR libxcb-devel-doc-1.10-1 is installed
OR libxcb-dpms0-1.10-1 is installed
OR libxcb-dri3-0-1.10-1 is installed
OR libxcb-present0-1.10-1 is installed
OR libxcb-record0-1.10-1 is installed
OR libxcb-res0-1.10-1 is installed
OR libxcb-screensaver0-1.10-1 is installed
OR libxcb-xevie0-1.10-1 is installed
OR libxcb-xinerama0-1.10-1 is installed
OR libxcb-xprint0-1.10-1 is installed
OR libxcb-xtest0-1.10-1 is installed
OR libxcb-xvmc0-1.10-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
AND Package Information
DirectFB-devel-1.7.1-6 is installed
OR lib++dfb-devel-1.7.1-6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
AND LibVNCServer-devel-0.9.9-16 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 12 is installed
AND Package Information
finch-2.10.9-8.1 is installed
OR libpurple-2.10.9-8.1 is installed
OR libpurple-lang-2.10.9-8.1 is installed
OR libpurple-meanwhile-2.10.9-8.1 is installed
OR libpurple-tcl-2.10.9-8.1 is installed
OR pidgin-2.10.9-8.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
AND Package Information
flash-player-11.2.202.559-117.1 is installed
OR flash-player-gnome-11.2.202.559-117.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
AND Package Information
imap-2007e_suse-22.1 is installed
OR libc-client2007e_suse-2007e_suse-22.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND Package Information
kernel-default-5.3.18-24.9 is installed
OR kernel-default-extra-5.3.18-24.9 is installed
|
Definition Synopsis |
SUSE Package Hub for SUSE Linux Enterprise 12 is installed
AND Package Information
chromedriver-53.0.2785.89-96 is installed
OR chromium-53.0.2785.89-96 is installed
OR chromium-desktop-gnome-53.0.2785.89-96 is installed
OR chromium-desktop-kde-53.0.2785.89-96 is installed
OR chromium-ffmpegsumo-53.0.2785.89-96 is installed
|